How do I load an HTTPS URL in iOS 9?

Question

What setting do I need to put in my info.plist to enable HTTPS mode? I've already put this in my plist:

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSAllowsArbitraryLoads</key>
    <true/>
</dict>

But it's not working, I'm still getting this error

Error Message:-

2016-02-25 12:46:31.860 Indus Audio[707:13224] NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9813)

2016-02-25 14:20:31.119 Indus Audio[817:23670] Response:(null) Error Domain=NSURLErrorDomain Code=-1202 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “www.indusaudio.com” which could put your confidential information at risk."

UserInfo={NSURLErrorFailingURLPeerTrustErrorKey=, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9813, NSErrorPeerCertificateChainKey={type = immutable, count = 1, values = ( 0 : )}, NSUnderlyingError=0x7f9e58e05cf0 {Error Domain=kCFErrorDomainCFNetwork Code=-1202 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, kCFStreamPropertySSLPeerTrust=, _kCFNetworkCFStreamSSLErrorOriginalValue=-9813, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9813, kCFStreamPropertySSLPeerCertificates={type = immutable, count = 1, values = ( 0 : )}}},

URL: https://www.xxxxx.com/xxx/xxx/files/downloadFile/en/linto

This question has the exact same error code: http://stackoverflow.com/q/21025622/433373 — Nicolas Miari, Feb 25 '16 at 08:45
Given the error code, your server is most probably missing an intermediate certificate. What happens if you open the same URL in Safari iOS, Safari Mac, or another browser? — jcaron, Feb 25 '16 at 09:05
actually i used to open these URL via one extension is called Advanced client in chrome.There it will works fine and these URL is working in android perfectly — linto jacob, Feb 25 '16 at 09:18

Scar · Accepted Answer · 2016-02-25T10:19:07.643

UPDATE: Better update your server to support SSL and TLSv1.2

Use this for temporary use only. This method isn't totally advisable:

   <key>NSAppTransportSecurity</key>
<dict>
    <!--Connect to anything. Not advisable. For desperate measures I guess-->
    <key>NSAllowsArbitraryLoads</key>
    <true/>
</dict>

Original Answer:

iOS 9 supports TLSv1.2, see this document. So by changing it to TLSv1.1, it bypasses the security (which is not that completely advisable). Also, specify your url like this:

 <key>NSAppTransportSecurity</key>
<dict>
  <key>NSExceptionDomains</key>
  <dict>
    <key>enterYourUrlHere.com</key>
    <dict>
      <!--Include to allow subdomains-->
      <key>NSIncludesSubdomains</key>
      <true/>
      <!--Include to allow HTTP requests-->
      <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
      <true/>
      <!--Include to specify minimum TLS version-->
      <key>NSTemporaryExceptionMinimumTLSVersion</key>
      <string>TLSv1.1</string>
    </dict>
  </dict>
</dict>

instead of `https://www.xxxxx.com/xxx/xxx/files/downloadFile/en/linto`, try `http://www.xxxxx.com/xxx/xxx/files/downloadFile/en/linto` — Scar, Feb 25 '16 at 10:15
I've updated my answer but please consider updating your server. — Scar, Feb 25 '16 at 10:19

score -1 · Answer 2 · answered Feb 25 '16 at 10:09

-1

Add App Transport Security Settings in info.plist file and set Allow Arbitrary Loads item to YES.

answered Feb 25 '16 at 10:09

MuhammadTalhaSiddiqui

103
9

can u tell me how can i add these information in my plist – linto jacob Feb 25 '16 at 10:14
You can just add "App Transport Security Settings" key and add nested key "Allow Arbitrary Loads" then set it to YES. – MuhammadTalhaSiddiqui Feb 25 '16 at 10:19
This would allow your app to connect to any URL, its not a secure way to do a job – MuhammadTalhaSiddiqui Feb 25 '16 at 10:21

How do I load an HTTPS URL in iOS 9?

2 Answers2